[QPID-7696] [Java Broker] Deletion of a temporary queue can crash the broker with certain ACLs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: qpid-java-6.0, qpid-java-6.1.1
Fix Version/s: qpid-java-6.1.2, qpid-java-6.0.7
Component/s: Broker-J
Labels:
None

Description

ACL:

ACL ALLOW-LOG testUser CREATE QUEUE temporary="true"
ACL ALLOW-LOG testUser DELETE QUEUE temporary="true"
ACL ALLOW-LOG testUser ACCESS ALL
ACL ALLOW-LOG admin ALL ALL
ACL DENY-LOG ALL ALL

client code:

    /* create connection */
    Session session = connection.createSession(true, Session.SESSION_TRANSACTED);
    TemporaryQueue temporaryQueue = session.createTemporaryQueue();
    temporaryQueue.delete();
   /* cleanup */

This crashes the broker v6.1.1

########################################################################
#
# Unhandled Exception java.security.AccessControlException: Permission DELETE is denied for : Binding 'TempQueuec64ba00d-9b7c-44f2-9217-80c954234ce4' on Queue 'TempQueuec64ba00d-9b7c-44f2-9217-80c954234ce4' Exchange 'amq.direct' in Thread IO-/127.0.0.1:53477
#
# Exiting
#
########################################################################
java.security.AccessControlException: Permission DELETE is denied for : Binding 'TempQueuec64ba00d-9b7c-44f2-9217-80c954234ce4' on Queue 'TempQueuec64ba00d-9b7c-44f2-9217-80c954234ce4' Exchange 'amq.direct'
	at org.apache.qpid.server.model.AbstractConfiguredObject.authorise(AbstractConfiguredObject.java:2959)
	at org.apache.qpid.server.model.AbstractConfiguredObject.authorise(AbstractConfiguredObject.java:2891)
	at org.apache.qpid.server.model.AbstractConfiguredObject.authoriseSetAttributes(AbstractConfiguredObject.java:2970)
	at org.apache.qpid.server.model.AbstractConfiguredObject$15.execute(AbstractConfiguredObject.java:1659)
	at org.apache.qpid.server.model.AbstractConfiguredObject$15.execute(AbstractConfiguredObject.java:1629)
	at org.apache.qpid.server.model.AbstractConfiguredObject$2.execute(AbstractConfiguredObject.java:632)
	at org.apache.qpid.server.model.AbstractConfiguredObject$2.execute(AbstractConfiguredObject.java:625)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$TaskLoggingWrapper.execute(TaskExecutorImpl.java:240)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper$1.run(TaskExecutorImpl.java:312)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:360)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper.call(TaskExecutorImpl.java:305)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

Process finished with exit code 1

I have not tested with other versions of the broker, yet.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

QPID-7696-remove-queue-bindings-on-queue-deletion-regardless-availability-unbind-acl-rule.diff
14/Mar/17 18:21
2 kB
Alex Rudyy

Activity

People

Assignee:: Unassigned

Reporter:: Lorenz Quack

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 10/Mar/17 15:52

Updated:: 23/Mar/17 17:14

Resolved:: 15/Mar/17 12:57